Ventiv Resource Library
Issue link: https://ventiv.uberflip.com/i/273346
1 6 | 360º Aon eSolutions a public-cloud offering remains the primary concern for risk, insurance and safety managers. That's because public clouds are typically based on a business model founded on outsourcing of the outsourcer's primary functions. Some vendors appear to be private clouds but outsource infrastructure, platforms and/ or applications to public clouds. To fully appreciate the potential consequences of an unsuccessful move of core and PII information to a cloud provider, consider another analogy: Imagine you're a homeowner lining up contractors for two jobs: painting your fence and refinishing your home's hardwood floor. With the fence, you probably wouldn't mind if the person you hired farmed the work out to someone else; fence painting is not the kind of exacting work that floor refinishing is. But if your floor refinisher gave the keys to your house to someone else, without your knowledge or consent, to perform such skilled work, it would be akin to breach of contract. Likewise, as a risk, insurance or safety manager, your cloud provider contract should be one between you and the provider, without undisclosed third-party providers involved. CONTINUOUS IMPROVEMENT: OR, WHAT HAS RIScloud DONE FOR YOU LATELY? When it comes to the client experience with RIScloud, one of the advantages to you is that you do not need to pay attention to the technology infrastructure and hardware that makes it all possible. That said, it is important to know that we are continually working to improve RIScloud performance in ways that clients will notice and value. Some ways that we do that include swapping out infrastructure, installing new load balancers and deploying new firewalls. A coming enhancement to RIScloud is our investment in new tooling capabilities that will provide Aon eSolutions with much greater detail on performance at the end-user level. So, if a RIScloud user is having issues with RiskConsole, iVOS or SafetyLogic, the Aon eSolutions support desk will have the ability to drill down to a very deep level and solve the client's issue quickly and precisely. COMING SOON: HIPAA CERTIFICATION Aon eSolutions is in the process of working toward HIPAA Security Accreditation from URAC, a Washington, D.C.-based health care accrediting organization that establishes quality standards for the health care industry. URAC's HIPAA Privacy and HIPAA Security accreditation programs outline a framework of best practices that describe the operational policies and procedures necessary for an effective compliance program. Undertaking the process of HIPAA Security Accreditation is another step in our mission to provide our clients with the added confidence that all shared health information data utilized for claim and risk management purposes is safe, secure and private. The accreditation assures that the applying organization has administrative policies and procedures that address the implementation of a Security Management Process to ensure the prevention, detection, containment and correction of security violations. Such policies and procedures address: » Risk Analysis: Conduct periodic, accurate, and thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity and availability of electronic protected health information held by the covered entity; » Risk Management: Implement security measures sufficient to reduce risks and vulnerabilities to a reasonable and appropriate level; » Sanction Policy: Apply appropriate sanctions against workforce members who fail to comply with the security policies and procedures of the covered entity; and » Information System Activity Review: Implement procedures to regularly review records of information system activity, such as audit logs, access reports and security incident tracking reports. OPENING SOON: EUROPEAN RIScloud DATA CENTER Aon eSolutions is building a RIScloud data center in Dublin, Ireland, which will be opened in September 2012 and host the data and risk-management technology applications used by Aon eSolutions' international clients. Aon eSolutions is opening an EU data center in response to growing adoption of cloud- computing business solutions by the risk management industry; expectations by clients and the risk management market for EU-based data hosting; and expected changes to EU data protection laws (specifically, the EU's Data Protection Directive of January 2012). Undertaking the process of HIPAA Security Accreditation is another step in our mission to provide our clients with the added confidence that all shared health information data utilized for claim and risk management purposes is safe, secure and private.